Difference between revisions of "GC ESA Artifact Repository"

From wiki
Jump to navigation Jump to search
(Created page with "<div class="center"><div style="float: right; z-index: 10; position: absolute; right: 0; top: 1;">File:JoinusonGCconnex.png|link=https://gcconnex.gc.ca/groups/profile/278554...")
 
 
(One intermediate revision by the same user not shown)
Line 16: Line 16:
 
! style="background: #9a9af8; color: black" width="18%" scope="col" |  [[GC ESA Artifact Repository|ESA Artifact Repository]]  
 
! style="background: #9a9af8; color: black" width="18%" scope="col" |  [[GC ESA Artifact Repository|ESA Artifact Repository]]  
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[GC Threat Assessments - Repository| GC Threat Assessment Repository]]  
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[GC Threat Assessments - Repository| GC Threat Assessment Repository]]  
! style="background: #c2c2fa; color: black" width="12%" scope="col" | [[GC Security Assessments - Repository|GC Security Assessment Repository]]
 
 
! style="background: #c2c2fa; color: black" width="18%" scope="col" | [[Emerging Technologies]]
 
! style="background: #c2c2fa; color: black" width="18%" scope="col" | [[Emerging Technologies]]
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[Other Resources]]  
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[Other Resources]]  
 
|} </div></div>
 
|} </div></div>
 
+
{{Delete|reason=Expired Content}}
{{TOCright}}
 
 
 
== GC ESA Artifacts ==
 
[[Media:GC ESA Program Charter.pdf|GC ESA Program Charter]] -- [[ESA Program Charter|<u>'''Synopsis'''</u>]] // [[Media:Charte du programme.pdf| Charte du programme de l'ASI du GC]]
 
 
 
[[Media: GC ESA Program Implementation Framework.pdf|GC ESA Program Implementation Framework]] -- [[ESA Program Implementation Framework|<u>'''Synopsis'''</u>]]
 
 
 
[[Media:GC ESA Framework.pdf|GC ESA Framework]] -- [[ESA Framework|<u>'''Synopsis'''</u>]]
 
 
 
[[Media:GC ESA Backgrounder.pdf|GC ESA Backgrounder]] -- [[ESA Backgrounder (Strategy)|<u>'''Synopsis'''</u>]]
 
 
 
[[Media:GC ESA Vision and Strategy.pdf|GC ESA Vision and Strategy]]
 
 
 
[[Media:GC ESA Enterprise Threat Assessment for Executives.pdf|GC ESA Enterprise Threat Assessment - January 2017 Update]]
 
 
 
[[Media:GC ESA Requirements Database Overview.pdf|GC ESA Requirements Database Overview]]
 
 
 
[[Media:GC ESA Architectural Needs Report.xlsx|GC ESA Architectural Needs]]
 
 
 
GC ESA System Requirements Traceability Matrix
 
 
 
GC ESA Security Controls Mapping Matrix
 
 
 
[[Media:Mobile Device Security Considerations Discussion Paper.pdf|Mobile Device Security Considerations Discussion Paper]]
 
 
 
[[Media:GC ESA - PALL-PBMM Security Control Profile Analysis.pdf|GC ESA PALL-PBMM Security Control Profile Analysis]]
 
 
 
[[Media:GC ESA Security Guide for Installation of Interconnections.docx|GC ESA Security Guide for Installation of Interconnections]]
 
 
 
=== ''GC ESA Concept of Operations'' ===
 
[[Media:GC Enterprise Security ConOps.pdf|GC ESA ConOps Main Body]] -- '''[[ESA Security ConOps|<u>Synopsis</u>]]'''
 
 
 
[[Media:GC Enterprise Security ConOps - ANNEX A DLP.pdf|GC ESA ConOps Annex A: Data Loss Prevention]] -- '''<u>[[Annex A: Data Loss Prevention|Synopsis]]</u>'''
 
 
 
[[Media:GC Enterprise Security ConOps - ANNEX B Cloud Security.pdf|GC ESA ConOps Annex B: Cloud Security]] -- '''<u>[[Annex B: Cloud Security|Synopsis]]</u>'''
 
 
 
[[Media:GC ESA ConOps - ANNEX C Secure Enterprise Application Delivery.pdf|GC ESA ConOps Annex C: Secure Enterprise Application Delivery]] -- '''<u>[[Annex C: Secure Enterprise Application Delivery|Synopsis]]</u>'''
 
 
 
[[Media:GC ESA ConOps - ANNEX D Secure Enterprise Systems Administration.pdf|GC ESA ConOps Annex D: Secure Enterprise Systems Administration]] -- '''<u>[[Annex D: Secure Enterprise Systems Administration|Synopsis]]</u>'''
 
 
 
[[Media:GC ESA ConOps - ANNEX E GC Enterprise VMS.pdf|GC ESA ConOps Annex E: Vulnerability Management System]] -- '''<u>[[Annex E: Vulnerability Management System|Synopsis]]</u>'''
 
 
 
===''GC ESA Description Documents'' ===
 
[[Media:GC ESA Description Document (ESADD) - Main Body.pdf|GC ESA Description Document Main Body]] -- [[ESA Architecture Description Document (ESADD)|<u>'''Synopsis'''</u>]]
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX A END.pdf|GC ESA Description Document Annex A - Endpoint Security (END)]] -- <u>'''[[Annex A: Endpoint Security|Synopsis]]'''</u>
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX B DAT.pdf|GC ESA Description Document Annex B - Data Security (DAT)]] -- <u>'''[[Annex B: Data Security|Synopsis]]'''</u>
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX C NCS.pdf|GC ESA Description Document Annex C - Network and Communications Security (NCS)]] -- <u>'''[[Annex C: Network and Communications Security|Synopsis]]'''</u>
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX D OPS.pdf|GC ESA Description Document Annex D - Security Operations (OPS)]]
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX E APP.pdf|GC ESA Description Document Annex E - Application Security (APP)]]
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX F CSS.pdf|GC ESA Description Document Annex F - Compute and Storage Services Security (CSS)]]
 
 
 
=== ''GC ESA Pattern Diagrams & Use Cases'' ===
 
[[Endpoint Security|GC ESA END Pattern Diagrams and Use Cases]]
 
 
 
[[Data Security|GC ESA DAT Pattern Diagrams and Use Cases]]
 
 
 
[[Network and Communications Security|GC ESA NCS Pattern Diagrams and Use Cases]]
 
 
 
[[Security Operations|GC ESA OPS Pattern Diagrams and Use Cases]]
 
 
 
[[Application Security|GC ESA APP Pattern Diagrams and Use Cases]]
 
 
 
[[Compute and Storage Services Security|GC ESA CSS Pattern Diagrams and Use Cases]]
 
 
 
== GC ESA Initiatives ==
 
 
 
'''Cloud Security'''
 
<br>
 
[[Media:GC Cloud Security Risk Management Approach and Procedures - EN.pdf|GC Cloud Security Risk Management Approach and Procedures]] // [[Media:Approche et procédures de gestion des risques liés à la sécurité de l’informatique en nuage - FR.pdf|Approche et procédures de gestion de risque de la sécurité de l’informatique en nuage]]
 
[[Media:GC Cloud Profile PBMM - EN.pdf|GC Security Control Profile for Cloud-Based GC IT Services (PB/M/M) (Version 1.1, March 2018)]] // [[Media:GC Cloud Profile PBMM - FR.pdf|Profil de contrôle de sécurité pour les services de la TI du GC fondés sur l’informatique en nuage (PB/M/M) (Version 1.1, mars 2018)]]
 
* [[Media:GC Cloud Security Controls v1.1.xls|Version 1.1 - Appendix A Matrix (Excel)]]
 
* [[Media:GC Cloud Profile PBMM v1.1 - EN (Track Changes).pdf|Track Changes Version 1.1]]
 
**''Archived Versions''
 
*** [[Media:GC Cloud Profile PBMM v1.0 - EN.pdf|GC Security Control Profile for Cloud-based GC IT Services (PB/M/M) (Version 1.0, Feb 2017)]] // [[Media:GC Cloud Profile PBMM v1.0 - FR.pdf|Profil de contrôle de sécurité pour les services de la TI du GC fondés sur l’informatique en nuage (PB/M/M) (Version 1.0, fev 2017)]]
 
***[[Media:GC Cloud Security Controls v1.0.xls|Version 1.0 - Appendix A Matrix (Excel)]]
 
***[[Media:GC Cloud Profile PBMM v1.0 - EN (Track Changes).pdf|Track Changes Version 1.0]]
 
[[Media:GC Cloud Tiered Assurance Model.xlsx|GC Cloud Tiered Assurance Model]]<br>
 
[[Media:GC SaaS Assessment Tool.xlsx|GC SaaS Assessment Tool]]<br>
 
[[Media:GC Enterprise Hybrid Cloud High-Level Design.pdf|GC Enterprise Hybrid Cloud High-Level Design]]
 
<br>
 
[[Media:Considerations for Use of Cryptography in Cloud.pdf|Considerations for the Use of Cryptography in Cloud]] //
 
[[Media:Considérations relatives à l’utilisation de la cryptographie dans les services d’informatique en nuage commerciaux.pdf|Considérations relatives à l’utilisation de la cryptographie dans les services d’informatique en nuage commerciaux]]
 
<br>
 
[[Media:GC ESA Security Design Patterns for SaaS-based Solutions.pdf|GC ESA SaaS Design Patterns]]
 
*[[Media:Baseline controls for SaaS Solutions.xlsx|Baseline controls for SaaS Solutions]]
 
[[Media:GC Secure Cloud Connectivity Requirements.pdf|GC Secure Cloud Connectivity Requirements]]
 
* [[Media:GC Cloud Access Use Cases.xlsx|GC Cloud Access Use Cases]]
 
* [[Media:GC Cloud Connection Patterns.pdf|GC Connection Patterns]]
 
[[Media:GC Cloud Guardrails.pdf|<nowiki/>]][[Media:GC Cloud Guardrails.pdf|GC Cloud Guardrails]]
 
*[https://www.gcpedia.gc.ca/gcwiki/images/e/ed/GC_Cloud_Guardrails.xlsx GC Cloud Guardrails - Initial 30 Days (Scope is security of the cloud tenant)]
 
*[[Media:SOP for Validating Cloud Guardrails.pdf|<nowiki/>]][[Media:SOP for Validating Cloud Guardrails.pdf|Standard Operating Procedure for Validating Cloud Guardrails]]
 
*[https://canada-ca.github.io/cloud-guardrails-O365 GC Cloud Guardrails for Office 365]
 
*[[Media:Office 365 Security Baseline Configuration.xlsx|Office 365 Security Baseline Configuration]] **Version 1.6 update**
 
*[[Media:GC Departmental Domains.xlsx|GC Departmental Domains - External Access Configuration]]
 
[[Media:Considerations for Enabling Collaboration in MS Teams.pdf|Considerations for Enabling Collaboration in MS Teams]] / [[Media:Considérations pour faciliter la collaboration dans Microsoft Teams.pdf|Considérations pour faciliter la collaboration dans Microsoft Teams]]
 
 
 
[[Media:Considerations for Using Microsoft Cognitive Services.pdf|Considerations for Using Microsoft Cognitive Services]] /  [[Media:Considérations liées à l’utilisation de Microsoft Cognitive Services.pdf|Considérations liées à l’utilisation de Microsoft Cognitive Services]]
 
<br>
 
[[Media:GC Cloud Enablement - The Building Blocks.pptx|GC Cloud Enablement - The Building Blocks]] / [[Media:Les éléments de base pour les solutions infonuagiques du GC.pptx|Les éléments de base pour les solutions infonuagiques du GC]]
 
<br>
 
<br>
 
<br>
 
'''Application Security'''
 
<br> [[Media:GC DevSecOps Conceptual Framework.pdf|GC DevSecOps Conceptual Framework]]
 
<br> [[Media:Guidance for Software Assurance.pdf|DRAFT Guidance on Software Assurance]]
 
<br> [[Media:Guidance for Secure Application Development.pdf|DRAFT Guidance for Secure Application Development]]
 
<br> [[Media:Guidance for Secure Containers and Microservices.pdf|DRAFT Guidance for Secure Containers and Microservices]]
 
<br> [[Media:Security Controls Mapping to Docker and Kubernetes.xlsx|DRAFT Security Controls Mapping to Docker and Kubernetes]]
 
<br>[[Media:Application Security Training.pdf|Application Security Training - Sept 2018]]<br>
 
<br>
 
'''Data Loss Prevention'''
 
<br> [[Media:GC Enterprise DLP HLD.pdf|GC ESA Data Loss Prevention High-Level Design]]
 
<br> [[Media:GC Enterprise DLP Implementation Strategy.pdf|GC Enterprise Data Loss Prevention Implementation Strategy]]
 
<br> [[Media:DRAFT for Discussion - GC Data Protection Strategy - DLP Initiative.pdf|DRAFT GC ESA Data Protection Strategy - DLP Initiative Presentation]]
 
<br>
 
<br> '''Vulnerability Management System'''
 
<br> [[Media:GC Enterprise VMS HLD.pdf|GC ESA Vulnerability Management System High-Level Design]]
 
<br> [[Media:Overview of Vulnerability Disclosure for the GC.pdf|Overview of Vulnerability Disclosure for the GC]]
 
<br> [[Media:Vulnerability Disclosure Program for the GC - Recommendations Report.pdf|Vulnerability Disclosure Program for the GC - Recommendations Report]]
 
<br> [[Media:Vulnerability Disclosure Policy Template.pdf|Vulnerability Disclosure Policy Template]]
 
<br>
 
<br> '''GC Trusted Interconnection Points (GC-TIP)'''
 
<br> [[Media:GC Trusted Interconnection Points (GC-TIP) Concept.pdf|GC Trusted Interconnection Points (GC-TIP) Concept]]
 
<br>
 
<br> '''GC Endpoint Visibility and Awareness (EVA)'''
 
<br> [[Media:GC Endpoint Visibility and Awareness (EVA) Concept.pdf|GC Endpoint Visibility and Awareness (EVA) Concept]]
 
<br>
 
<br> '''GC Zero Trust Security (ZTS)'''
 
<br> [[Media:GC Zero Trust Security Concept.pdf|GC Zero Trust Security (ZTS) Concept]]
 
<br> [[Media:GC Zero Trust Reference Architecture.pdf|DRAFT GC Zero Trust Security Reference Architecture]]
 
<br>
 
<br> '''GC Enterprise Continuous Monitoring'''
 
<br> [[Media:GC Enterprise Information Security Continuous Monitoring Concept Paper.pdf|DRAFT GC Enterprise Information Security Continuous Monitoring Concept]]
 
<br>
 
<br>
 
'''Identity, Credential, and Access Management'''
 
<br>[https://github.com/canada-ca/CATS-STAE Cyber Authentication Technology Solutions (CATS) specifications (2.0 and draft 3.0)]<br>[https://github.com/canada-ca/CATS-STAE/tree/develop/Social DRAFT Social Media Login Guidance]
 
<br>[[Media:GC Cloud Authentication Guidance.pdf|''GC Cloud Authentication Guidance'']]
 
<br>[[Media:Recommendations for 2FA within the GC Enterprise Domain.pdf|Recommendations for Two-Factor Authentication within the GC Enterprise Domain]]
 
<br>[[Media:GC MFA Strategy.pdf|<nowiki/>]][[Media:GC MFA Strategy.pdf|GC Multi-Factor Authentication (MFA) Strategy Paper]]
 
 
 
'''Password Guidance'''<br>[https://www.canada.ca/en/government/system/digital-government/online-security-privacy/password-guidance.html GC Password Guidance]
 
<br>[[Media:Implementation Strategy for GC Password Guidance.pdf|DRAFT Implementation Strategy for GC Password Guidance]]
 
<br>[[Media:GC password manager guidance v0.4 27Jan 20.docx|<nowiki/>]][https://www.gcpedia.gc.ca/gcwiki/images/b/bd/GC_Password_Manager_Guidance_%28July_2020%29.pdf GC Password Manager Guidance]
 
[https://www.gcpedia.gc.ca/gcwiki/images/b/bd/GC_Password_Manager_Guidance_%28July_2020%29.pdf <br>][https://www.gcpedia.gc.ca/gcwiki/images/d/dd/Generic-BRD-Active-Directory-Passphrase-Compatibility-Tools.xlsm Generic BRD for AD Passphrase Compatibility Tools]
 
 
 
<br>
 
 
 
== Guidance ==
 
<br>
 
[https://www.gcpedia.gc.ca/wiki/SPIN_2015-01 SPIN-2015 Priority IT Actions]
 
<br> [https://www.gcpedia.gc.ca/wiki/SPIN_2015-01_Follow-Up_Activities SPIN-2015 Follow-up Activities]
 
<br>
 
[[Media:Guidance for the Secure Use of Collaboration Tools.pdf|Guidance for the Secure Use of Collaboration Tools]] / [[Media:Orientation sur la facilitation de l’accès aux services Web.pdf|Orientation sur la facilitation de l’accès aux services Web]] <br>
 
 
 
[[Media:Availability by Design Position Paper.pdf|DRAFT Availability by Design Position Paper]]<br>
 
 
 
[[Media:Rationale for the Protection Against Exploits of Shared Resources.pdf|Rationale for the Protection Against Exploits of Shared Resources]] *DRAFT*<br>
 
 
 
[[Media:ITSG-33 Primer for IT Projects.pdf|ITSG-33 Primer for IT Projects]]
 
<br>
 
[[Media:GC Event Logging Guidance.pdf|GC Event Logging Guidance]]
 
<br>
 
[[Media:GC Patch Management Guidance.pdf|GC Patch Management Guidance]]
 
<br>
 
[[Media:Security Playbook for Information System Solutions.pdf|Security Playbook for Information System Solutions]]
 
*[[Media:Baseline security controls for applications.xlsx|Baseline security controls for applications - Version 1.0 - Appendix A Matrix (Excel)]]
 
[[Media:Ransomware FAQ.pdf|Ransomware FAQ]]
 
<br>
 
[[Media:Considerations for GC Communication Technologies.pdf|Considerations for GC Communication Technologies]] / [[Media:Considérations liées aux technologies des communications du GC.pdf|Considérations liées aux technologies des communications du GC]]
 
<br>
 
 
 
== Security Control Profiles ==
 
[[Media:HR Services Security Control Profile.zip|Security Control Profile for Human Resources Services]]
 
<br>
 
[[Media:FM Services Security Control Profile.zip|Security Control Profile for Financial and Material Management Resources Services]]
 
<br>
 
[[Media:IM Services Security Control Profile.zip|Security Control Profile for Information Management Services]]
 
<br>
 
 
 
 
 
== Standard Operating Procedures ==
 
[[Media:Guideline for Authorization of Enterprise Systems.pdf|Guideline for Authorization of Enterprise Systems]]
 
<br>[[Media:GC Cloud Event Management Standard Operating Procedure.pdf|GC Cloud Event Management Standard Operating Procedure]]
 
<br>[[Media:Exception Request for Inverse Split Tunneling Allow List.xlsx|Exception Process for Inverse Split Tunneling Allow List]]  / [[Media:Demande d’exception visant une mise sur liste blanche de la segmentation du tunnel inverse.xlsx|Demande d’exception visant une mise sur liste autoriser de la segmentation du tunnel inverse]]
 
<br>[[Media:Netlogon Remediation Procedure.docx|Netlogon Remediation Procedure]] / [[Media:Netlogon Remediation Procedure-FR.docx|Procédure de correction pour Netlogon]]
 
 
 
== Tools ==
 
[[Media:GC ESA Tools Report.pdf|GC ESA Tools Report]]
 
 
 
[[Media:Tool-Security Categorization.zip|Security Categorization Tool (incl. Manual & Example)]]
 
 
 
[[Media:Tool-Business Needs for Security.zip|Business Needs for Security Tool (incl. User Manual)]]
 
 
 
[[Media:Tool-Threat Assessment.zip|Threat Assessment Tool (incl. Manual & Example)]]
 
 
 
<br>
 
 
 
== Templates ==
 
[[Media: ITSG-33 Controls Template.vsd|ITSG-33 Controls Template (.VSD)]]
 
 
 
[[Media:GC ESA Concept of Operations (ConOps) Template.docx|Concept of Operations (ConOps) Template]]
 
 
 
[[Media:GC ESA System Concept (SysCon) Document Template.docx|System Operational Concept (SysCon) Template]]
 
 
 
[[Media:GC ESA Guide for ConOps and SysCon Document Templates.pdf|GC ESA Guide for ConOps and SysCon Document Templates]]
 
 
 
[[Media:Comments Template.xlsx|Comments Template]]
 
 
 
<br>
 
 
 
== Presentations ==
 
[[Media: Introduction to Enterprise Security Architecture (GC Security Summit 2014).pptx|Introduction to Enterprise Security Architecture (GC Security Summit 2014)]]
 
 
 
[[Media: Introduction au Programme d’architecture de sécurité intégrée du GC (Sommet sur la sécurité GC 2014).pptx|Introduction au Programme d’architecture de sécurité intégrée du GC (Sommet sur la sécurité GC 2014)]]
 
 
 
<br>
 
 
 
== GC ESA Help Page ==
 
[[GC ESA Help Page|Click Here to Learn How to Edit the ESA Portal]]
 
 
 
[[Category:Government of Canada Enterprise Security Architecture (ESA) Program]]
 
[[Category:Enterprise Security Architecture]]
 
[[Category:GC Enterprise Architecture]]
 

Latest revision as of 12:40, 20 April 2021